class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception

  layout :layout_by_resource

  before_filter :authenticate_account!
  before_filter :configure_permitted_parameters, if: :devise_controller?

  protected
  
  def after_sign_out_path_for(resource_or_scope)
    hello_path
  end

  def layout_by_resource
    if devise_controller?
      "devise"
    else
      "application"
    end
  end

  def configure_permitted_parameters
    devise_parameter_sanitizer.for(:account_update)  do |u|
      u.permit(:username, :email, :password, :password_confirmation, :current_password)
    end

    devise_parameter_sanitizer.for(:sign_up)  do |u|
      u.permit(:username, :email, :password, :password_confirmation)
    end

    devise_parameter_sanitizer.for(:sign_in)  do |u|
      u.permit(:username, :email, :password)
    end
  end  
end
